{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-53637", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-10-07T15:16:59.658Z", "datePublished": "2025-10-07T15:19:38.317Z", "dateUpdated": "2025-10-07T15:19:38.317Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-10-07T15:19:38.317Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: i2c: ov772x: Fix memleak in ov772x_probe()\n\nA memory leak was reported when testing ov772x with bpf mock device:\n\nAssertionError: unreferenced object 0xffff888109afa7a8 (size 8):\n comm \"python3\", pid 279, jiffies 4294805921 (age 20.681s)\n hex dump (first 8 bytes):\n 80 22 88 15 81 88 ff ff .\"......\n backtrace:\n [<000000009990b438>] __kmalloc_node+0x44/0x1b0\n [<000000009e32f7d7>] kvmalloc_node+0x34/0x180\n [<00000000faf48134>] v4l2_ctrl_handler_init_class+0x11d/0x180 [videodev]\n [<00000000da376937>] ov772x_probe+0x1c3/0x68c [ov772x]\n [<000000003f0d225e>] i2c_device_probe+0x28d/0x680\n [<00000000e0b6db89>] really_probe+0x17c/0x3f0\n [<000000001b19fcee>] __driver_probe_device+0xe3/0x170\n [<0000000048370519>] driver_probe_device+0x49/0x120\n [<000000005ead07a0>] __device_attach_driver+0xf7/0x150\n [<0000000043f452b8>] bus_for_each_drv+0x114/0x180\n [<00000000358e5596>] __device_attach+0x1e5/0x2d0\n [<0000000043f83c5d>] bus_probe_device+0x126/0x140\n [<00000000ee0f3046>] device_add+0x810/0x1130\n [<00000000e0278184>] i2c_new_client_device+0x359/0x4f0\n [<0000000070baf34f>] of_i2c_register_device+0xf1/0x110\n [<00000000a9f2159d>] of_i2c_notify+0x100/0x160\nunreferenced object 0xffff888119825c00 (size 256):\n comm \"python3\", pid 279, jiffies 4294805921 (age 20.681s)\n hex dump (first 32 bytes):\n 00 b4 a5 17 81 88 ff ff 00 5e 82 19 81 88 ff ff .........^......\n 10 5c 82 19 81 88 ff ff 10 5c 82 19 81 88 ff ff .\\.......\\......\n backtrace:\n [<000000009990b438>] __kmalloc_node+0x44/0x1b0\n [<000000009e32f7d7>] kvmalloc_node+0x34/0x180\n [<0000000073d88e0b>] v4l2_ctrl_new.cold+0x19b/0x86f [videodev]\n [<00000000b1f576fb>] v4l2_ctrl_new_std+0x16f/0x210 [videodev]\n [<00000000caf7ac99>] ov772x_probe+0x1fa/0x68c [ov772x]\n [<000000003f0d225e>] i2c_device_probe+0x28d/0x680\n [<00000000e0b6db89>] really_probe+0x17c/0x3f0\n [<000000001b19fcee>] __driver_probe_device+0xe3/0x170\n [<0000000048370519>] driver_probe_device+0x49/0x120\n [<000000005ead07a0>] __device_attach_driver+0xf7/0x150\n [<0000000043f452b8>] bus_for_each_drv+0x114/0x180\n [<00000000358e5596>] __device_attach+0x1e5/0x2d0\n [<0000000043f83c5d>] bus_probe_device+0x126/0x140\n [<00000000ee0f3046>] device_add+0x810/0x1130\n [<00000000e0278184>] i2c_new_client_device+0x359/0x4f0\n [<0000000070baf34f>] of_i2c_register_device+0xf1/0x110\n\nThe reason is that if priv->hdl.error is set, ov772x_probe() jumps to the\nerror_mutex_destroy without doing v4l2_ctrl_handler_free(), and all\nresources allocated in v4l2_ctrl_handler_init() and v4l2_ctrl_new_std()\nare leaked."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/media/i2c/ov772x.c"], "versions": [{"version": "1112babde21483d86ed3fbad1320b0ddf9ab2ece", "lessThan": "cc3b6011d7a9f149489eb9420c6305a779162c57", "status": "affected", "versionType": "git"}, {"version": "1112babde21483d86ed3fbad1320b0ddf9ab2ece", "lessThan": "448ce1cd50387b1345ec14eb191ef05f7afc2a26", "status": "affected", "versionType": "git"}, {"version": "1112babde21483d86ed3fbad1320b0ddf9ab2ece", "lessThan": "dfaafeb8e9537969e8dba75491f732478c7fa9d6", "status": "affected", "versionType": "git"}, {"version": "1112babde21483d86ed3fbad1320b0ddf9ab2ece", "lessThan": "1da495101ef7507eb4f4b1dbec2874d740eff251", "status": "affected", "versionType": "git"}, {"version": "1112babde21483d86ed3fbad1320b0ddf9ab2ece", "lessThan": "ac93f8ac66e60227bed42d5a023f0e6c15b52c0a", "status": "affected", "versionType": "git"}, {"version": "1112babde21483d86ed3fbad1320b0ddf9ab2ece", "lessThan": "c86d760c1c6855a6131e78d0ddacc48c79324ac3", "status": "affected", "versionType": "git"}, {"version": "1112babde21483d86ed3fbad1320b0ddf9ab2ece", "lessThan": "7485edb2b6ca5960205c0a49bedfd09bba30e521", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/media/i2c/ov772x.c"], "versions": [{"version": "4.17", "status": "affected"}, {"version": "0", "lessThan": "4.17", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.276", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.235", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.173", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.99", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.16", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.2.3", "lessThanOrEqual": "6.2.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.3", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.17", "versionEndExcluding": "4.19.276"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.17", "versionEndExcluding": "5.4.235"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.17", "versionEndExcluding": "5.10.173"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.17", "versionEndExcluding": "5.15.99"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.17", "versionEndExcluding": "6.1.16"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.17", "versionEndExcluding": "6.2.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.17", "versionEndExcluding": "6.3"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/cc3b6011d7a9f149489eb9420c6305a779162c57"}, {"url": "https://git.kernel.org/stable/c/448ce1cd50387b1345ec14eb191ef05f7afc2a26"}, {"url": "https://git.kernel.org/stable/c/dfaafeb8e9537969e8dba75491f732478c7fa9d6"}, {"url": "https://git.kernel.org/stable/c/1da495101ef7507eb4f4b1dbec2874d740eff251"}, {"url": "https://git.kernel.org/stable/c/ac93f8ac66e60227bed42d5a023f0e6c15b52c0a"}, {"url": "https://git.kernel.org/stable/c/c86d760c1c6855a6131e78d0ddacc48c79324ac3"}, {"url": "https://git.kernel.org/stable/c/7485edb2b6ca5960205c0a49bedfd09bba30e521"}], "title": "media: i2c: ov772x: Fix memleak in ov772x_probe()", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: i2c: ov772x: Fix memleak in ov772x_probe()\n\nA memory leak was reported when testing ov772x with bpf mock device:\n\nAssertionError: unreferenced object 0xffff888109afa7a8 (size 8):\n comm \"python3\", pid 279, jiffies 4294805921 (age 20.681s)\n hex dump (first 8 bytes):\n 80 22 88 15 81 88 ff ff .\"......\n backtrace:\n [<000000009990b438>] __kmalloc_node+0x44/0x1b0\n [<000000009e32f7d7>] kvmalloc_node+0x34/0x180\n [<00000000faf48134>] v4l2_ctrl_handler_init_class+0x11d/0x180 [videodev]\n [<00000000da376937>] ov772x_probe+0x1c3/0x68c [ov772x]\n [<000000003f0d225e>] i2c_device_probe+0x28d/0x680\n [<00000000e0b6db89>] really_probe+0x17c/0x3f0\n [<000000001b19fcee>] __driver_probe_device+0xe3/0x170\n [<0000000048370519>] driver_probe_device+0x49/0x120\n [<000000005ead07a0>] __device_attach_driver+0xf7/0x150\n [<0000000043f452b8>] bus_for_each_drv+0x114/0x180\n [<00000000358e5596>] __device_attach+0x1e5/0x2d0\n [<0000000043f83c5d>] bus_probe_device+0x126/0x140\n [<00000000ee0f3046>] device_add+0x810/0x1130\n [<00000000e0278184>] i2c_new_client_device+0x359/0x4f0\n [<0000000070baf34f>] of_i2c_register_device+0xf1/0x110\n [<00000000a9f2159d>] of_i2c_notify+0x100/0x160\nunreferenced object 0xffff888119825c00 (size 256):\n comm \"python3\", pid 279, jiffies 4294805921 (age 20.681s)\n hex dump (first 32 bytes):\n 00 b4 a5 17 81 88 ff ff 00 5e 82 19 81 88 ff ff .........^......\n 10 5c 82 19 81 88 ff ff 10 5c 82 19 81 88 ff ff .\\.......\\......\n backtrace:\n [<000000009990b438>] __kmalloc_node+0x44/0x1b0\n [<000000009e32f7d7>] kvmalloc_node+0x34/0x180\n [<0000000073d88e0b>] v4l2_ctrl_new.cold+0x19b/0x86f [videodev]\n [<00000000b1f576fb>] v4l2_ctrl_new_std+0x16f/0x210 [videodev]\n [<00000000caf7ac99>] ov772x_probe+0x1fa/0x68c [ov772x]\n [<000000003f0d225e>] i2c_device_probe+0x28d/0x680\n [<00000000e0b6db89>] really_probe+0x17c/0x3f0\n [<000000001b19fcee>] __driver_probe_device+0xe3/0x170\n [<0000000048370519>] driver_probe_device+0x49/0x120\n [<000000005ead07a0>] __device_attach_driver+0xf7/0x150\n [<0000000043f452b8>] bus_for_each_drv+0x114/0x180\n [<00000000358e5596>] __device_attach+0x1e5/0x2d0\n [<0000000043f83c5d>] bus_probe_device+0x126/0x140\n [<00000000ee0f3046>] device_add+0x810/0x1130\n [<00000000e0278184>] i2c_new_client_device+0x359/0x4f0\n [<0000000070baf34f>] of_i2c_register_device+0xf1/0x110\n\nThe reason is that if priv->hdl.error is set, ov772x_probe() jumps to the\nerror_mutex_destroy without doing v4l2_ctrl_handler_free(), and all\nresources allocated in v4l2_ctrl_handler_init() and v4l2_ctrl_new_std()\nare leaked."}], "id": "CVE-2023-53637", "lastModified": "2025-10-07T16:15:46.883", "metrics": {}, "published": "2025-10-07T16:15:46.883", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/1da495101ef7507eb4f4b1dbec2874d740eff251"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/448ce1cd50387b1345ec14eb191ef05f7afc2a26"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/7485edb2b6ca5960205c0a49bedfd09bba30e521"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ac93f8ac66e60227bed42d5a023f0e6c15b52c0a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c86d760c1c6855a6131e78d0ddacc48c79324ac3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/cc3b6011d7a9f149489eb9420c6305a779162c57"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/dfaafeb8e9537969e8dba75491f732478c7fa9d6"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Received"}

{}

{}